ceditlee55 1) How to clone repo?
git clone "https://foo.bar/your/repo/here.git"
ceditlee55 2) How to check for backdoors?
Go over the specific piece of code you wish to audit for backdoors, follow the logic & control flow, know the difference what the code is supposedly doing versus what its actually doing, and then decide based on your knowledge & findings whether or not the code is approriate for what it was designed for or it contains a backdoor.
Let me be honest here: if your first question was a genuine one, you probably don't have the skills needed to check for any backdoors. Frankly, most of us don't, not even most software developers (myself included). It's not like any backdoors are documented in the code like /* Malicious code block starts here */. Given the GrapheneOS project's focus on security, any potential backdoors would have to be extremely well hidden to stay out of sight despite scrutiny from developers who know their stuff; you or I wouldn't spot them even if they were shown to us.
ceditlee55 3) Web installer vs CLI vs source build?
Web Installer is recommended for all regular users & use cases. If you ever have a need to use the CLI installer, it'll be for a specific reason that you yourself will know.
Same with the source build. If you don't have a specific reason to build GrapheneOS from source, just stick with the pre-built official releases. It's way easier, much less complicated, and has much less risk of stuff breaking.